Time for release of OpenSSL 0.9.7.

The tag will be OpenSSL_0_9_7.

CHANGES

@@ -2,7 +2,21 @@
  OpenSSL CHANGES
  _______________
 
- Changes between 0.9.6h and 0.9.7  [XX xxx 2002]
+ Changes between 0.9.6h and 0.9.7  [31 Dec 2002]
+
+  *) Fix session ID handling in SSLv2 client code: the SERVER FINISHED
+     code (06) was taken as the first octet of the session ID and the last
+     octet was ignored consequently. As a result SSLv2 client side session
+     caching could not have worked due to the session ID mismatch between
+     client and server.
+     Behaviour observed by Crispin Flowerday <crispin@flowerday.cx> as
+     PR #377.
+     [Lutz Jaenicke]
+
+  *) Change the declaration of needed Kerberos libraries to use EX_LIBS
+     instead of the special (and badly supported) LIBKRB5.  LIBKRB5 is
+     removed entirely.
+     [Richard Levitte]
 
   *) The hw_ncipher.c engine requires dynamic locks.  Unfortunately, it
      seems that in spite of existing for more than a year, many application

Configure

@@ -480,7 +480,7 @@ my %table=(
 # SCO cc.
 "sco5-cc",  "cc:-belf::(unknown)::-lsocket -lresolv -lnsl:${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:svr3-shared:-Kpic", # des options?
 "sco5-cc-pentium",  "cc:-Kpentium::(unknown)::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:::", # des options?
-"sco5-gcc",  "gcc:-O3 -fomit-frame-pointer::(unknown)::-lsocket -lresolv -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:svr3-shared:-fPIC", # the SCO assembler doesn't seem to like our assembler files ...
+"sco5-gcc",  "gcc:-O3 -fomit-frame-pointer::(unknown)::-lsocket -lresolv -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:svr3-shared:-fPIC",
 
 # Sinix/ReliantUNIX RM400
 # NOTE: The CDS++ Compiler up to V2.0Bsomething has the IRIX_CC_BUG optimizer problem. Better use -g  */
@@ -1016,10 +1016,12 @@ else
 			}
 		}
 	$withargs{"krb5-lib"} .= " -lresolv"
-		if ("$lresolv");
+		if ("$lresolv" ne "");
 	$withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include"
 		if $withargs{"krb5-include"} eq "" &&
 		   $withargs{"krb5-dir"} ne "";
+
+	$libs.=$withargs{"krb5-lib"}." " if $withargs{"krb5-lib"} ne "";
 	}
 
 # The DSO code currently always implements all functions so that no
@@ -1075,7 +1077,7 @@ else
 #		}
 	}	
 
-$lflags="$libs$lflags"if ($libs ne "");
+$lflags="$libs$lflags" if ($libs ne "");
 
 if ($no_asm)
 	{
@@ -1238,7 +1240,6 @@ while (<IN>)
 	s/^ARFLAGS=.*/ARFLAGS= $arflags/;
 	s/^PERL=.*/PERL= $perl/;
 	s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/;
-	s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;
 	s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
 	s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
 	s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
@@ -1286,8 +1287,6 @@ print "ARFLAGS       =$arflags\n";
 print "PERL          =$perl\n";
 print "KRB5_INCLUDES =",$withargs{"krb5-include"},"\n"
 	if $withargs{"krb5-include"} ne "";
-print "LIBKRB5       =",$withargs{"krb5-lib"},"\n"
-	if $withargs{"krb5-lib"} ne "";
 
 my $des_ptr=0;
 my $des_risc1=0;

FAQ

@@ -44,6 +44,8 @@ OpenSSL  -  Frequently Asked Questions
 * What is special about OpenSSL on Redhat?
 * Why does the OpenSSL compilation fail on MacOS X?
 * Why does the OpenSSL test suite fail on MacOS X?
+* Why does the OpenSSL test suite fail in BN_sqr test [on a 64-bit platform]?
+* Why does OpenBSD-i386 build fail on des-586.s with "Unimplemented segment type"?
 
 [PROG] Questions about programming with OpenSSL
 
@@ -66,7 +68,7 @@ OpenSSL  -  Frequently Asked Questions
 * Which is the current version of OpenSSL?
 
 The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 0.9.6h was released on December 5, 2002.
+OpenSSL 0.9.7 was released on December 31, 2002.
 
 In addition to the current stable release, you can also access daily
 snapshots of the OpenSSL development version at <URL:
@@ -552,6 +554,34 @@ libraries you just built.
 Look in the file PROBLEMS for a more detailed explanation and for possible
 solutions.
 
+* Why does the OpenSSL test suite fail in BN_sqr test [on a 64-bit platform]?
+
+Failure in BN_sqr test is most likely caused by a failure to configure the
+toolkit for current platform or lack of support for the platform in question.
+Run './config -t' and './apps/openssl version -p'. Do these platform
+identifiers match? If they don't, then you most likely failed to run
+./config and you're hereby advised to do so before filing a bug report.
+If ./config itself fails to run, then it's most likely problem with your
+local environment and you should turn to your system administrator (or
+similar). If identifiers match (and/or no alternative identifier is
+suggested by ./config script), then the platform is unsupported. There might
+or might not be a workaround. Most notably on SPARC64 platforms with GNU
+C compiler you should be able to produce a working build by running
+'./config -m32'. I understand that -m32 might not be what you want/need,
+but the build should be operational. For further details turn to
+<openssl-dev@openssl.org>.
+
+* Why does OpenBSD-i386 build fail on des-586.s with "Unimplemented segment type"?
+
+As of 0.9.7 assembler routines were overhauled for position independence
+of the machine code, which is essential for shared library support. For
+some reason OpenBSD is equipped with an out-of-date GNU assembler which
+finds the new code offensive. To work around the problem, configure with
+no-asm (and sacrifice a great deal of performance) or upgrade /usr/bin/as.
+For your convenience a pre-compiled replacement binary is provided at
+http://www.openssl.org/~appro/i386-openbsd3-as, which is compiled from
+binutils-2.8 released in 1997.
+
 [PROG] ========================================================================
 
 * Is OpenSSL thread-safe?

Makefile.org

@@ -159,7 +159,6 @@ RMD160_ASM_OBJ= asm/rm86-out.o
 
 # KRB5 stuff
 KRB5_INCLUDES=
-LIBKRB5=
 
 # When we're prepared to use shared libraries in the programs we link here
 # we might set SHLIB_MARK to '$(SHARED_LIBS)'.
@@ -519,7 +518,7 @@ do_reliantunix-shared:
 	libs="$$libs -l$$i"; \
 	done
 
-openssl.pc:
+openssl.pc: Makefile.ssl
 	@ ( echo 'prefix=$(INSTALLTOP)'; \
 	    echo 'exec_prefix=$${prefix}'; \
 	    echo 'libdir=$${exec_prefix}/lib'; \
@@ -530,7 +529,7 @@ openssl.pc:
 	    echo 'Version: '$(VERSION); \
 	    echo 'Requires: '; \
 	    echo 'Libs: -L$${libdir} -lssl -lcrypto $(EX_LIBS)'; \
-	    echo 'Cflags: -I$${includedir}' ) > openssl.pc
+	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > openssl.pc
 
 Makefile.ssl: Makefile.org
 	@echo "Makefile.ssl is older than Makefile.org."
@@ -603,7 +602,7 @@ rehash.time: certs
 		export OPENSSL OPENSSL_DEBUG_MEMORY; \
 		LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \
 		if [ "$(PLATFORM)" = "DJGPP" ]; then PATH="`pwd`\;$$PATH";  \
-		elif [ "$(PLATFORM)" != "Cygwin" ];  then PATH="`pwd`:$$PATH"; fi; \
+		elif [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
 		export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
 		$(PERL) tools/c_rehash certs)
 	touch rehash.time
@@ -615,7 +614,7 @@ tests: rehash
 	$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests );
 	@LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \
 		if [ "$(PLATFORM)" = "DJGPP" ]; then PATH="`pwd`\;$$PATH";  \
-		elif [ "$(PLATFORM)" != "Cygwin" ];  then PATH="`pwd`:$$PATH"; fi; \
+		elif [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
 		export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
 		apps/openssl version -a
 
@@ -711,7 +710,7 @@ dist_pem_h:
 install: all install_docs
 	@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
 		$(INSTALL_PREFIX)$(INSTALLTOP)/lib \
-		$(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkginfo \
+		$(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig \
 		$(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
 		$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
 		$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
@@ -765,7 +764,7 @@ install: all install_docs
 			set $(MAKE); \
 			$$1 -f $$here/Makefile link-shared ); \
 	fi
-	cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkginfo
+	cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/lib/pkgconfig
 
 install_docs:
 	@$(PERL) $(TOP)/util/mkdir-p.pl \

PROBLEMS

@@ -62,3 +62,11 @@ What happens is that gcc might optimize a little too agressively, and
 you end up with an extra incrementation when *header != '4'.
 
 We recommend that you upgrade gcc to as high a 3.x version as you can.
+
+* solaris64-sparcv9-cc SHA-1 performance with WorkShop 6 compiler.
+
+As subject suggests SHA-1 might perform poorly (4 times slower)
+if compiled with WorkShop 6 compiler and -xarch=v9. The cause for
+this seems to be the fact that compiler emits multiplication to
+perform shift operations:-( To work the problem around configure
+with './Configure solaris64-sparcv9-cc -DMD32_REG_T=int'.

README

@@ -1,5 +1,5 @@
 
- OpenSSL 0.9.7-beta6 17 Dec 2002
+ OpenSSL 0.9.7 31 Dec 2002
 
  Copyright (c) 1998-2002 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson

STATUS

@@ -1,16 +1,11 @@
 
   OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2002/12/17 14:24:51 $
+  ______________                           $Date: 2002/12/30 23:54:11 $
 
   DEVELOPMENT STATE
 
     o  OpenSSL 0.9.8:  Under development...
-    o  OpenSSL 0.9.7-beta6: Released on December 17th, 2002
-    o  OpenSSL 0.9.7-beta5: Released on December  5th, 2002
-    o  OpenSSL 0.9.7-beta4: Released on November 19th, 2002
-    o  OpenSSL 0.9.7-beta3: Released on July     30th, 2002
-    o  OpenSSL 0.9.7-beta2: Released on June     16th, 2002
-    o  OpenSSL 0.9.7-beta1: Released on June      1st, 2002
+    o  OpenSSL 0.9.7:  Released on December  31st, 2002
     o  OpenSSL 0.9.6h: Released on December   5th, 2002
     o  OpenSSL 0.9.6g: Released on August     9th, 2002
     o  OpenSSL 0.9.6f: Released on August     8th, 2002
@@ -32,9 +27,6 @@
 
   RELEASE SHOWSTOPPERS
 
-    o BN_mod_mul verification fails for mips3-sgi-irix
-      unless configured with no-asm
-
     o [2002-11-21]
       PR 343 mentions that scrubbing memory with 'memset(ptr, 0, n)' may
       be optimized away in modern compilers.  This is definitely not good

TABLE

@@ -3708,15 +3708,15 @@ $thread_cflag = (unknown)
 $sys_id       = 
 $lflags       = -lsocket -lresolv -lnsl
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = asm/bn86-elf.o asm/co86-elf.o
-$des_obj      = asm/dx86-elf.o asm/yx86-elf.o
-$bf_obj       = asm/bx86-elf.o
-$md5_obj      = asm/mx86-elf.o
-$sha1_obj     = asm/sx86-elf.o
-$cast_obj     = asm/cx86-elf.o
-$rc4_obj      = asm/rx86-elf.o
-$rmd160_obj   = asm/rm86-elf.o
-$rc5_obj      = asm/r586-elf.o
+$bn_obj       = 
+$des_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
 $dso_scheme   = dlfcn
 $shared_target= svr3-shared
 $shared_cflag = -fPIC

apps/Makefile.ssl

@@ -18,7 +18,6 @@ PERL=		perl
 RM=		rm -f
 # KRB5 stuff
 KRB5_INCLUDES=
-LIBKRB5=
 
 PEX_LIBS=
 EX_LIBS= 
@@ -108,7 +107,7 @@ install:
 	(echo installing $$i; \
 	 cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
 	 chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
-	 mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/misc/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/misc/$$i ); \
+	 mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
 	 done
 	@cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
 	chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
@@ -152,7 +151,7 @@ $(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
 	-(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; \
 		LIBPATH="`pwd`"; LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; \
 		if [ "$(PLATFORM)" = "DJGPP" ]; then PATH="`pwd`\;$$PATH";  \
-		elif [ "$(PLATFORM)" != "Cygwin" ];  then PATH="`pwd`:$$PATH"; fi; \
+		elif [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
 		export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
 		$(PERL) tools/c_rehash certs)
 

apps/ca.c

@@ -1021,7 +1021,7 @@ bad:
 			}
 
 		if (verbose)
-			BIO_printf(bio_err, "Succesfully loaded extensions file %s\n", extfile);
+			BIO_printf(bio_err, "Successfully loaded extensions file %s\n", extfile);
 
 		/* We can have sections in the ext file */
 		if (!extensions && !(extensions = NCONF_get_string(extconf, "default", "extensions")))

apps/makeapps.com

@@ -166,7 +166,7 @@ $!     TCPIP_PROGRAMS = ",S_SERVER,S_CLIENT,SESS_ID,CIPHERS,S_TIME,"
 $!
 $! Setup exceptional compilations
 $!
-$ COMPILEWITH_CC2 = ",S_SOCKET,S_SERVER,S_CLIENT,"
+$ COMPILEWITH_CC2 = ",S_SERVER,S_CLIENT,"
 $!
 $ PHASE := LIB
 $!

apps/req.c

@@ -135,7 +135,6 @@ static int req_check_len(int len,int n_min,int n_max);
 static int check_end(char *str, char *end);
 #ifndef MONOLITH
 static char *default_config_file=NULL;
-static CONF *config=NULL;
 #endif
 static CONF *req_conf=NULL;
 static int batch=0;

crypto/Makefile.ssl

@@ -141,7 +141,7 @@ depend:
 	@for i in $(SDIRS) ;\
 	do \
 	(cd $$i && echo "making depend in crypto/$$i..." && \
-	$(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' PERL='${PERL}' depend ); \
+	$(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' PERL='${PERL}' depend ); \
 	done;
 
 clean:

crypto/aes/aes.h

@@ -56,8 +56,9 @@
 #error AES is disabled.
 #endif
 
-static const int AES_DECRYPT = 0;
-static const int AES_ENCRYPT = 1;
+#define AES_ENCRYPT	1
+#define AES_DECRYPT	0
+
 /* Because array size can't be a const in C, the following two are macros.
    Both sizes are in bytes. */
 #define AES_MAXNR 14

crypto/bio/bss_file.c

@@ -247,7 +247,7 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
 			ret=0;
 			break;
 			}
-#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS)
+#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_OS2)
 		if (!(num & BIO_FP_TEXT))
 			strcat(p,"b");
 		else

crypto/bn/asm/vms.mar

@@ -172,7 +172,7 @@ n=12 ;(AP)	n	by value (input)
 ; }
 ;
 ; Using EDIV would be very easy, if it didn't do signed calculations.
-; Any time, any of the input numbers are signed, there are problems,
+; Any time any of the input numbers are signed, there are problems,
 ; usually with integer overflow, at which point it returns useless
 ; data (the quotient gets the value of l, and the remainder becomes 0).
 ;
@@ -180,21 +180,26 @@ n=12 ;(AP)	n	by value (input)
 ; it by 2 (unsigned), do the division, multiply the resulting quotient
 ; and remainder by 2, add the bit that was dropped when dividing by 2
 ; to the remainder, and do some adjustment so the remainder doesn't
-; end up larger than the divisor.  This method works as long as the
-; divisor is positive, so we'll keep that (with a small adjustment)
-; as the main method.
-; For some cases when the divisor is negative (from EDIV's point of
-; view, i.e. when the highest bit is set), dividing the dividend by
-; 2 isn't enough, it needs to be divided by 4.  Furthermore, the
-; divisor needs to be divided by 2 (unsigned) as well, to avoid more
-; problems with the sign.  In this case, a little extra fiddling with
-; the remainder is required.
+; end up larger than the divisor.  For some cases when the divisor is
+; negative (from EDIV's point of view, i.e. when the highest bit is set),
+; dividing the dividend by 2 isn't enough, and since some operations
+; might generate integer overflows even when the dividend is divided by
+; 4 (when the high part of the shifted down dividend ends up being exactly
+; half of the divisor, the result is the quotient 0x80000000, which is
+; negative...) it needs to be divided by 8.  Furthermore, the divisor needs
+; to be divided by 2 (unsigned) as well, to avoid more problems with the sign.
+; In this case, a little extra fiddling with the remainder is required.
 ;
 ; So, the simplest way to handle this is always to divide the dividend
-; by 4, and to divide the divisor by 2 if it's highest bit is set.
-; After EDIV has been used, the quotient gets multiplied by 4 if the
-; original divisor was positive, otherwise 2.  The remainder, oddly
-; enough, is *always* multiplied by 4.
+; by 8, and to divide the divisor by 2 if it's highest bit is set.
+; After EDIV has been used, the quotient gets multiplied by 8 if the
+; original divisor was positive, otherwise 4.  The remainder, oddly
+; enough, is *always* multiplied by 8.
+; NOTE: in the case mentioned above, where the high part of the shifted
+; down dividend ends up being exactly half the shifted down divisor, we
+; end up with a 33 bit quotient.  That's no problem however, it usually
+; means we have ended up with a too large remainder as well, and the
+; problem is fixed by the last part of the algorithm (next paragraph).
 ;
 ; The routine ends with comparing the resulting remainder with the
 ; original divisor and if the remainder is larger, subtract the
@@ -204,15 +209,19 @@ n=12 ;(AP)	n	by value (input)
 ; The complete algorithm looks like this:
 ;
 ; d'    = d
-; l'    = l & 3
-; [h,l] = [h,l] >> 2
+; l'    = l & 7
+; [h,l] = [h,l] >> 3
 ; [q,r] = floor([h,l] / d)	# This is the EDIV operation
 ; if (q < 0) q = -q		# I doubt this is necessary any more
 ;
-; r'    = r >> 30
-; if (d' >= 0) q = q << 1
-; q     = q << 1
-; r     = (r << 2) + l'
+; r'    = r >> 29
+; if (d' >= 0)
+;   q'  = q >> 29
+;   q   = q << 3
+; else
+;   q'  = q >> 30
+;   q   = q << 2
+; r     = (r << 3) + l'
 ;
 ; if (d' < 0)
 ;   {
@@ -220,14 +229,14 @@ n=12 ;(AP)	n	by value (input)
 ;     while ([r',r] < 0)
 ;       {
 ;         [r',r] = [r',r] + d
-;         q = q - 1
+;         [q',q] = [q',q] - 1
 ;       }
 ;   }
 ;
-; while ([r',r] >= d)
+; while ([r',r] >= d')
 ;   {
-;     [r',r] = [r',r] - d
-;     q = q + 1
+;     [r',r] = [r',r] - d'
+;     [q',q] = [q',q] + 1
 ;   }
 ;
 ; return q
@@ -236,31 +245,37 @@ h=4 ;(AP)	h	by value (input)
 l=8 ;(AP)	l	by value (input)
 d=12 ;(AP)	d	by value (input)
 
-;lprim=r5
-;rprim=r6
-;dprim=r7
-
+;r2 = l, q
+;r3 = h, r
+;r4 = d
+;r5 = l'
+;r6 = r'
+;r7 = d'
+;r8 = q'
 
 	.psect	code,nowrt
 
-.entry	bn_div_words,^m<r2,r3,r4,r5,r6,r7>
+.entry	bn_div_words,^m<r2,r3,r4,r5,r6,r7,r8>
 	movl	l(ap),r2
 	movl	h(ap),r3
 	movl	d(ap),r4
 
-	bicl3	#^XFFFFFFFC,r2,r5 ; l' = l & 3
-	bicl3	#^X00000003,r2,r2
+	bicl3	#^XFFFFFFF8,r2,r5 ; l' = l & 7
+	bicl3	#^X00000007,r2,r2
 
-	bicl3	#^XFFFFFFFC,r3,r6
-	bicl3	#^X00000003,r3,r3
+	bicl3	#^XFFFFFFF8,r3,r6
+	bicl3	#^X00000007,r3,r3
         
 	addl	r6,r2
-	rotl	#-2,r2,r2	; l = l >> 2
-	rotl	#-2,r3,r3	; h = h >> 2
+
+	rotl	#-3,r2,r2	; l = l >> 3
+	rotl	#-3,r3,r3	; h = h >> 3
                 
-	movl	#0,r6
 	movl	r4,r7		; d' = d
 
+	movl	#0,r6		; r' = 0
+	movl	#0,r8		; q' = 0
+
 	tstl	r4
 	beql	666$		; Uh-oh, the divisor is 0...
 	bgtr	1$
@@ -277,37 +292,36 @@ d=12 ;(AP)	d	by value (input)
 3$:     
 	tstl	r7
 	blss	4$
-	ashl	#1,r2,r2	; q = q << 1
-4$:     
-	ashl	#1,r2,r2	; q = q << 1
-	rotl	#2,r3,r3	; r = r << 2
-	bicl3	#^XFFFFFFFC,r3,r6 ; r' gets the high bits from r
-	bicl3	#^X00000003,r3,r3
+	rotl	#3,r2,r2	;   q = q << 3
+	bicl3	#^XFFFFFFF8,r2,r8 ;    q' gets the high bits from q
+	bicl3	#^X00000007,r2,r2
+	bsb	41$
+4$:				; else
+	rotl	#2,r2,r2	;   q = q << 2
+	bicl3	#^XFFFFFFFC,r2,r8 ;   q' gets the high bits from q
+	bicl3	#^X00000003,r2,r2
+41$:
+	rotl	#3,r3,r3	; r = r << 3
+	bicl3	#^XFFFFFFF8,r3,r6 ; r' gets the high bits from r
+	bicl3	#^X00000007,r3,r3
 	addl	r5,r3		; r = r + l'
 
 	tstl	r7
 	bgeq	5$
 	bitl	#1,r7
-	beql	5$		; if d < 0 && d & 1
-	subl	r2,r3		;   [r',r] = [r',r] - q
-	sbwc	#0,r6
+	beql	5$		; if d' < 0 && d' & 1
+	subl	r2,r3		;   [r',r] = [r',r] - [q',q]
+	sbwc	r8,r6
 45$:
 	bgeq	5$		;   while r < 0
-	decl	r2		;     q = q - 1
-	addl	r7,r3		;     [r',r] = [r',r] + d
+	decl	r2		;     [q',q] = [q',q] - 1
+	sbwc	#0,r8
+	addl	r7,r3		;     [r',r] = [r',r] + d'
 	adwc	#0,r6
 	brb	45$
 
-5$:
-	tstl	r6
-	bneq	6$
-	cmpl	r3,r7
-	blssu	42$		; while [r',r] >= d'
-6$:
-	subl	r7,r3		;   [r',r] = [r',r] - d
-	sbwc	#0,r6
-	incl	r2		;   q = q + 1
-	brb	5$	
+; The return points are placed in the middle to keep a short distance from
+; all the branch points
 42$:
 ;	movl	r3,r1
 	movl	r2,r0
@@ -315,6 +329,18 @@ d=12 ;(AP)	d	by value (input)
 666$:
 	movl	#^XFFFFFFFF,r0
 	ret
+
+5$:
+	tstl	r6
+	bneq	6$
+	cmpl	r3,r7
+	blssu	42$		; while [r',r] >= d'
+6$:
+	subl	r7,r3		;   [r',r] = [r',r] - d'
+	sbwc	#0,r6
+	incl	r2		;   [q',q] = [q',q] + 1
+	adwc	#0,r8
+	brb	5$	
 
 	.title	vax_bn_add_words  unsigned add of two arrays
 ;

crypto/bn/bn_div.c

@@ -282,6 +282,11 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 			q=(BN_ULONG)(((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0);
 #else
 			q=bn_div_words(n0,n1,d0);
+#ifdef BN_DEBUG_LEVITTE
+			fprintf(stderr,"DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
+X) -> 0x%08X\n",
+				n0, n1, d0, q);
+#endif
 #endif
 
 #ifndef REMAINDER_IS_ALREADY_CALCULATED
@@ -306,6 +311,11 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 			BN_ULONG t2l,t2h,ql,qh;
 
 			q=bn_div_words(n0,n1,d0);
+#ifdef BN_DEBUG_LEVITTE
+			fprintf(stderr,"DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
+X) -> 0x%08X\n",
+				n0, n1, d0, q);
+#endif
 #ifndef REMAINDER_IS_ALREADY_CALCULATED
 			rem=(n1-q*d0)&BN_MASK2;
 #endif

crypto/bn/bn_lcl.h

@@ -368,7 +368,7 @@ struct bignum_ctx
 	lt=(bl)*(lt); \
 	m1=(bl)*(ht); \
 	ht =(bh)*(ht); \
-	m=(m+m1)&BN_MASK2; if (m < m1) ht+=L2HBITS(1L); \
+	m=(m+m1)&BN_MASK2; if (m < m1) ht+=L2HBITS((BN_ULONG)1); \
 	ht+=HBITS(m); \
 	m1=L2HBITS(m); \
 	lt=(lt+m1)&BN_MASK2; if (lt < m1) ht++; \

crypto/des/Makefile.ssl

@@ -68,25 +68,25 @@ des: des.o cbc3_enc.o lib
 # elf
 asm/dx86-elf.o: asm/dx86unix.cpp
 	$(CPP) -DELF	\
-		`(echo $(CFLAGS) | egrep -ie '-[fK]PIC') > /dev/null 2>&1 && echo -DPIC`\
+		`(echo $(CFLAGS) | egrep -ie '-[fK]PIC') > /dev/null 2>&1 && echo -DPIC; exit 0`\
 		-x c asm/dx86unix.cpp | as -o asm/dx86-elf.o
 
 asm/yx86-elf.o: asm/yx86unix.cpp
 	$(CPP) -DELF	\
-		`(echo $(CFLAGS) | egrep -ie '-[fK]PIC') > /dev/null 2>&1 && echo -DPIC`\
+		`(echo $(CFLAGS) | egrep -ie '-[fK]PIC') > /dev/null 2>&1 && echo -DPIC; exit 0`\
 		-x c asm/yx86unix.cpp | as -o asm/yx86-elf.o
 
 # solaris
 asm/dx86-sol.o: asm/dx86unix.cpp
 	$(CC) -E -DSOL	\
-		`(echo $(CFLAGS) | egrep -ie '-[fK]PIC') > /dev/null 2>&1 && echo -DPIC`\
+		`(echo $(CFLAGS) | egrep -ie '-[fK]PIC') > /dev/null 2>&1 && echo -DPIC; exit 0`\
 		asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s
 	as -o asm/dx86-sol.o asm/dx86-sol.s
 	rm -f asm/dx86-sol.s
 
 asm/yx86-sol.o: asm/yx86unix.cpp
 	$(CC) -E -DSOL	\
-		`(echo $(CFLAGS) | egrep -ie '-[fK]PIC') > /dev/null 2>&1 && echo -DPIC`\
+		`(echo $(CFLAGS) | egrep -ie '-[fK]PIC') > /dev/null 2>&1 && echo -DPIC; exit 0`\
 		asm/yx86unix.cpp | sed 's/^#.*//' > asm/yx86-sol.s
 	as -o asm/yx86-sol.o asm/yx86-sol.s
 	rm -f asm/yx86-sol.s

crypto/md5/Makefile.ssl

@@ -129,7 +129,8 @@ clean:
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
-md5_dgst.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h
+md5_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md5.h
+md5_dgst.o: ../../include/openssl/opensslconf.h
 md5_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md5_dgst.c
 md5_dgst.o: md5_locl.h
 md5_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h

crypto/md5/md5.h

@@ -59,6 +59,8 @@
 #ifndef HEADER_MD5_H
 #define HEADER_MD5_H
 
+#include <openssl/e_os2.h>
+
 #ifdef  __cplusplus
 extern "C" {
 #endif

crypto/md5/md5_locl.h

@@ -58,7 +58,7 @@
 
 #include <stdlib.h>
 #include <string.h>
-#include <openssl/opensslconf.h>
+#include <openssl/e_os2.h>
 #include <openssl/md5.h>
 
 #ifndef MD5_LONG_LOG2

crypto/objects/obj_dat.h

@@ -826,8 +826,8 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
 {"RSA-MDC2","mdc2WithRSA",NID_mdc2WithRSA,4,&(lvalues[531]),0},
 {"RC4-40","rc4-40",NID_rc4_40,0,NULL},
 {"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL},
-{"gn","givenName",NID_givenName,3,&(lvalues[535]),0},
-{"SN","surname",NID_surname,3,&(lvalues[538]),0},
+{"GN","givenName",NID_givenName,3,&(lvalues[535]),0},
+{"SN","surName",NID_surname,3,&(lvalues[538]),0},
 {"initials","initials",NID_initials,3,&(lvalues[541]),0},
 {NULL,NULL,NID_undef,0,NULL},
 {"crlDistributionPoints","X509v3 CRL Distribution Points",
@@ -1780,6 +1780,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
 &(nid_objs[70]),/* "DSA-SHA1-old" */
 &(nid_objs[67]),/* "DSA-old" */
 &(nid_objs[297]),/* "DVCS" */
+&(nid_objs[99]),/* "GN" */
 &(nid_objs[381]),/* "IANA" */
 &(nid_objs[34]),/* "IDEA-CBC" */
 &(nid_objs[35]),/* "IDEA-CFB" */
@@ -1926,7 +1927,6 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={
 &(nid_objs[490]),/* "friendlyCountryName" */
 &(nid_objs[156]),/* "friendlyName" */
 &(nid_objs[509]),/* "generationQualifier" */
-&(nid_objs[99]),/* "gn" */
 &(nid_objs[163]),/* "hmacWithSHA1" */
 &(nid_objs[432]),/* "holdInstructionCallIssuer" */
 &(nid_objs[430]),/* "holdInstructionCode" */
@@ -3005,7 +3005,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={
 &(nid_objs[16]),/* "stateOrProvinceName" */
 &(nid_objs[498]),/* "subtreeMaximumQuality" */
 &(nid_objs[497]),/* "subtreeMinimumQuality" */
-&(nid_objs[100]),/* "surname" */
+&(nid_objs[100]),/* "surName" */
 &(nid_objs[459]),/* "textEncodedORAddress" */
 &(nid_objs[293]),/* "textNotice" */
 &(nid_objs[106]),/* "title" */

crypto/objects/obj_mac.h

@@ -1596,7 +1596,7 @@
 #define OBJ_commonName		OBJ_X509,3L
 
 #define SN_surname		"SN"
-#define LN_surname		"surname"
+#define LN_surname		"surName"
 #define NID_surname		100
 #define OBJ_surname		OBJ_X509,4L
 
@@ -1642,7 +1642,7 @@
 #define NID_name		173
 #define OBJ_name		OBJ_X509,41L
 
-#define SN_givenName		"gn"
+#define SN_givenName		"GN"
 #define LN_givenName		"givenName"
 #define NID_givenName		99
 #define OBJ_givenName		OBJ_X509,42L

crypto/objects/objects.txt

@@ -531,7 +531,8 @@ algorithm 29		: RSA-SHA1-2		: sha1WithRSA
 
 X500 4			: X509
 X509 3			: CN			: commonName
-X509 4			: SN			: surname
+!Cname surname
+X509 4			: SN			: surName
 X509 5			: 			: serialNumber
 X509 6			: C			: countryName
 X509 7			: L			: localityName
@@ -541,7 +542,7 @@ X509 11			: OU			: organizationalUnitName
 X509 12			: 			: title
 X509 13			: 			: description
 X509 41			: name			: name
-X509 42			: gn			: givenName
+X509 42			: GN			: givenName
 X509 43			: 			: initials
 X509 44			: 			: generationQualifier
 X509 45			: 			: x500UniqueIdentifier

crypto/opensslv.h

@@ -25,8 +25,8 @@
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-#define OPENSSL_VERSION_NUMBER	0x00907006L
-#define OPENSSL_VERSION_TEXT	"OpenSSL 0.9.7-beta6 17 Dec 2002"
+#define OPENSSL_VERSION_NUMBER	0x0090700fL
+#define OPENSSL_VERSION_TEXT	"OpenSSL 0.9.7 31 Dec 2002"
 #define OPENSSL_VERSION_PTEXT	" part of " OPENSSL_VERSION_TEXT
 
 

crypto/ossl_typ.h

@@ -55,6 +55,8 @@
 #ifndef HEADER_OPENSSL_TYPES_H
 #define HEADER_OPENSSL_TYPES_H
 
+#include <openssl/e_os2.h>
+
 #ifdef NO_ASN1_TYPEDEFS
 #define ASN1_INTEGER		ASN1_STRING
 #define ASN1_ENUMERATED		ASN1_STRING

doc/apps/ciphers.pod

@@ -203,6 +203,10 @@ cipher suites using DH, including anonymous DH.
 
 anonymous DH cipher suites.
 
+=item B<AES>
+
+cipher suites using AES.
+
 =item B<3DES>
 
 cipher suites using triple DES.
@@ -236,7 +240,9 @@ cipher suites using SHA1.
 =head1 CIPHER SUITE NAMES
 
 The following lists give the SSL or TLS cipher suites names from the
-relevant specification and their OpenSSL equivalents.
+relevant specification and their OpenSSL equivalents. It should be noted,
+that several cipher suite names do not include the authentication used,
+e.g. DES-CBC3-SHA. In these cases, RSA authentication is used.
 
 =head2 SSL v3.0 cipher suites.
 
@@ -306,6 +312,24 @@ relevant specification and their OpenSSL equivalents.
  TLS_DH_anon_WITH_DES_CBC_SHA            ADH-DES-CBC-SHA
  TLS_DH_anon_WITH_3DES_EDE_CBC_SHA       ADH-DES-CBC3-SHA
 
+=head2 AES ciphersuites from RFC3268, extending TLS v1.0
+
+ TLS_RSA_WITH_AES_128_CBC_SHA            AES128-SHA
+ TLS_RSA_WITH_AES_256_CBC_SHA            AES256-SHA
+
+ TLS_DH_DSS_WITH_AES_128_CBC_SHA         DH-DSS-AES128-SHA
+ TLS_DH_DSS_WITH_AES_256_CBC_SHA         DH-DSS-AES256-SHA
+ TLS_DH_RSA_WITH_AES_128_CBC_SHA         DH-RSA-AES128-SHA
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA         DH-RSA-AES256-SHA
+
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA        DHE-DSS-AES128-SHA
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA        DHE-DSS-AES256-SHA
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA        DHE-RSA-AES128-SHA
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA        DHE-RSA-AES256-SHA
+
+ TLS_DH_anon_WITH_AES_128_CBC_SHA        ADH-AES128-SHA
+ TLS_DH_anon_WITH_AES_256_CBC_SHA        ADH-AES256-SHA
+
 =head2 Additional Export 1024 and other cipher suites
 
 Note: these ciphers can also be used in SSL v3.

doc/standards.txt

@@ -42,9 +42,6 @@ whole or at least great parts) in OpenSSL.
 2268 A Description of the RC2(r) Encryption Algorithm. R. Rivest.
      January 1998. (Format: TXT=19048 bytes) (Status: INFORMATIONAL)
 
-2314 PKCS 10: Certification Request Syntax Version 1.5. B. Kaliski.
-     March 1998. (Format: TXT=15814 bytes) (Status: INFORMATIONAL)
-
 2315 PKCS 7: Cryptographic Message Syntax Version 1.5. B. Kaliski.
      March 1998. (Format: TXT=69679 bytes) (Status: INFORMATIONAL)
 
@@ -52,10 +49,6 @@ whole or at least great parts) in OpenSSL.
      J. Staddon. October 1998. (Format: TXT=73529 bytes) (Obsoletes
      RFC2313) (Status: INFORMATIONAL)
 
-2459 Internet X.509 Public Key Infrastructure Certificate and CRL
-     Profile. R. Housley, W. Ford, W. Polk, D. Solo. January 1999.
-     (Format: TXT=278438 bytes) (Status: PROPOSED STANDARD)
-
 PKCS#8: Private-Key Information Syntax Standard
 
 PKCS#12: Personal Information Exchange Syntax Standard, version 1.0.
@@ -65,6 +58,35 @@ PKCS#12: Personal Information Exchange Syntax Standard, version 1.0.
      C. Adams. June 1999. (Format: TXT=43243 bytes) (Status: PROPOSED
      STANDARD)
 
+2712 Addition of Kerberos Cipher Suites to Transport Layer Security
+     (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes)
+     (Status: PROPOSED STANDARD)
+
+2898 PKCS #5: Password-Based Cryptography Specification Version 2.0.
+     B. Kaliski. September 2000. (Format: TXT=68692 bytes) (Status:
+     INFORMATIONAL)
+
+2986 PKCS #10: Certification Request Syntax Specification Version 1.7.
+     M. Nystrom, B. Kaliski. November 2000. (Format: TXT=27794 bytes)
+     (Obsoletes RFC2314) (Status: INFORMATIONAL)
+
+3174 US Secure Hash Algorithm 1 (SHA1). D. Eastlake 3rd, P. Jones.
+     September 2001. (Format: TXT=35525 bytes) (Status: INFORMATIONAL)
+
+3268 Advanced Encryption Standard (AES) Ciphersuites for Transport
+     Layer Security (TLS). P. Chown. June 2002. (Format: TXT=13530 bytes)
+     (Status: PROPOSED STANDARD)
+
+3279 Algorithms and Identifiers for the Internet X.509 Public Key
+     Infrastructure Certificate and Certificate Revocation List (CRL)
+     Profile. L. Bassham, W. Polk, R. Housley. April 2002. (Format:
+     TXT=53833 bytes) (Status: PROPOSED STANDARD)
+
+3280 Internet X.509 Public Key Infrastructure Certificate and
+     Certificate Revocation List (CRL) Profile. R. Housley, W. Polk, W.
+     Ford, D. Solo. April 2002. (Format: TXT=295556 bytes) (Obsoletes
+     RFC2459) (Status: PROPOSED STANDARD)
+
 
 Related:
 --------
@@ -90,23 +112,60 @@ STARTTLS documents.
      Certification and Related Services. B. Kaliski. February 1993.
      (Format: TXT=17537 bytes) (Status: PROPOSED STANDARD)
 
-2256 A Summary of the X.500(96) User Schema for use with LDAPv3. M.
-     Wahl. December 1997. (Format: TXT=32377 bytes) (Status: PROPOSED
-     STANDARD)
+2025 The Simple Public-Key GSS-API Mechanism (SPKM). C. Adams. October
+     1996. (Format: TXT=101692 bytes) (Status: PROPOSED STANDARD)
 
-2487 SMTP Service Extension for Secure SMTP over TLS. P. Hoffman.
-     January 1999. (Format: TXT=15120 bytes) (Status: PROPOSED STANDARD)
+2510 Internet X.509 Public Key Infrastructure Certificate Management
+     Protocols. C. Adams, S. Farrell. March 1999. (Format: TXT=158178
+     bytes) (Status: PROPOSED STANDARD)
+
+2511 Internet X.509 Certificate Request Message Format. M. Myers, C.
+     Adams, D. Solo, D. Kemp. March 1999. (Format: TXT=48278 bytes)
+     (Status: PROPOSED STANDARD)
+
+2527 Internet X.509 Public Key Infrastructure Certificate Policy and
+     Certification Practices Framework. S. Chokhani, W. Ford. March 1999.
+     (Format: TXT=91860 bytes) (Status: INFORMATIONAL)
+
+2538 Storing Certificates in the Domain Name System (DNS). D. Eastlake
+     3rd, O. Gudmundsson. March 1999. (Format: TXT=19857 bytes) (Status:
+     PROPOSED STANDARD)
+
+2539 Storage of Diffie-Hellman Keys in the Domain Name System (DNS).
+     D. Eastlake 3rd. March 1999. (Format: TXT=21049 bytes) (Status:
+     PROPOSED STANDARD)
+
+2559 Internet X.509 Public Key Infrastructure Operational Protocols -
+     LDAPv2. S. Boeyen, T. Howes, P. Richard. April 1999. (Format:
+     TXT=22889 bytes) (Updates RFC1778) (Status: PROPOSED STANDARD)
 
 2585 Internet X.509 Public Key Infrastructure Operational Protocols:
      FTP and HTTP. R. Housley, P. Hoffman. May 1999. (Format: TXT=14813
      bytes) (Status: PROPOSED STANDARD)
 
+2587 Internet X.509 Public Key Infrastructure LDAPv2 Schema. S.
+     Boeyen, T. Howes, P. Richard. June 1999. (Format: TXT=15102 bytes)
+     (Status: PROPOSED STANDARD)
+
 2595 Using TLS with IMAP, POP3 and ACAP. C. Newman. June 1999.
      (Format: TXT=32440 bytes) (Status: PROPOSED STANDARD)
 
-2712 Addition of Kerberos Cipher Suites to Transport Layer Security
-     (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes)
-     (Status: PROPOSED STANDARD)
+2631 Diffie-Hellman Key Agreement Method. E. Rescorla. June 1999.
+     (Format: TXT=25932 bytes) (Status: PROPOSED STANDARD)
+
+2632 S/MIME Version 3 Certificate Handling. B. Ramsdell, Ed.. June
+     1999. (Format: TXT=27925 bytes) (Status: PROPOSED STANDARD)
+
+2716 PPP EAP TLS Authentication Protocol. B. Aboba, D. Simon. October
+     1999. (Format: TXT=50108 bytes) (Status: EXPERIMENTAL)
+
+2773 Encryption using KEA and SKIPJACK. R. Housley, P. Yee, W. Nace.
+     February 2000. (Format: TXT=20008 bytes) (Updates RFC0959) (Status:
+     EXPERIMENTAL)
+
+2797 Certificate Management Messages over CMS. M. Myers, X. Liu, J.
+     Schaad, J. Weinstein. April 2000. (Format: TXT=103357 bytes) (Status:
+     PROPOSED STANDARD)
 
 2817 Upgrading to TLS Within HTTP/1.1. R. Khare, S. Lawrence. May
      2000. (Format: TXT=27598 bytes) (Updates RFC2616) (Status: PROPOSED
@@ -115,6 +174,77 @@ STARTTLS documents.
 2818 HTTP Over TLS. E. Rescorla. May 2000. (Format: TXT=15170 bytes)
      (Status: INFORMATIONAL)
 
+2876 Use of the KEA and SKIPJACK Algorithms in CMS. J. Pawling. July
+     2000. (Format: TXT=29265 bytes) (Status: INFORMATIONAL)
+
+2984 Use of the CAST-128 Encryption Algorithm in CMS. C. Adams.
+     October 2000. (Format: TXT=11591 bytes) (Status: PROPOSED STANDARD)
+
+2985 PKCS #9: Selected Object Classes and Attribute Types Version 2.0.
+     M. Nystrom, B. Kaliski. November 2000. (Format: TXT=70703 bytes)
+     (Status: INFORMATIONAL)
+
+3029 Internet X.509 Public Key Infrastructure Data Validation and
+     Certification Server Protocols. C. Adams, P. Sylvester, M. Zolotarev,
+     R. Zuccherato. February 2001. (Format: TXT=107347 bytes) (Status:
+     EXPERIMENTAL)
+
+3039 Internet X.509 Public Key Infrastructure Qualified Certificates
+     Profile. S. Santesson, W. Polk, P. Barzin, M. Nystrom. January 2001.
+     (Format: TXT=67619 bytes) (Status: PROPOSED STANDARD)
+
+3058 Use of the IDEA Encryption Algorithm in CMS. S. Teiwes, P.
+     Hartmann, D. Kuenzi. February 2001. (Format: TXT=17257 bytes)
+     (Status: INFORMATIONAL)
+
+3161 Internet X.509 Public Key Infrastructure Time-Stamp Protocol
+     (TSP). C. Adams, P. Cain, D. Pinkas, R. Zuccherato. August 2001.
+     (Format: TXT=54585 bytes) (Status: PROPOSED STANDARD)
+
+3185 Reuse of CMS Content Encryption Keys. S. Farrell, S. Turner.
+     October 2001. (Format: TXT=20404 bytes) (Status: PROPOSED STANDARD)
+
+3207 SMTP Service Extension for Secure SMTP over Transport Layer
+     Security. P. Hoffman. February 2002. (Format: TXT=18679 bytes)
+     (Obsoletes RFC2487) (Status: PROPOSED STANDARD)
+
+3217 Triple-DES and RC2 Key Wrapping. R. Housley. December 2001.
+     (Format: TXT=19855 bytes) (Status: INFORMATIONAL)
+
+3274 Compressed Data Content Type for Cryptographic Message Syntax
+     (CMS). P. Gutmann. June 2002. (Format: TXT=11276 bytes) (Status:
+     PROPOSED STANDARD)
+
+3278 Use of Elliptic Curve Cryptography (ECC) Algorithms in
+     Cryptographic Message Syntax (CMS). S. Blake-Wilson, D. Brown, P.
+     Lambert. April 2002. (Format: TXT=33779 bytes) (Status:
+     INFORMATIONAL)
+
+3281 An Internet Attribute Certificate Profile for Authorization. S.
+     Farrell, R. Housley. April 2002. (Format: TXT=90580 bytes) (Status:
+     PROPOSED STANDARD)
+
+3369 Cryptographic Message Syntax (CMS). R. Housley. August 2002.
+     (Format: TXT=113975 bytes) (Obsoletes RFC2630, RFC3211) (Status:
+     PROPOSED STANDARD)
+
+3370 Cryptographic Message Syntax (CMS) Algorithms. R. Housley. August
+     2002. (Format: TXT=51001 bytes) (Obsoletes RFC2630, RFC3211) (Status:
+     PROPOSED STANDARD)
+
+3377 Lightweight Directory Access Protocol (v3): Technical
+     Specification. J. Hodges, R. Morgan. September 2002. (Format:
+     TXT=9981 bytes) (Updates RFC2251, RFC2252, RFC2253, RFC2254, RFC2255,
+     RFC2256, RFC2829, RFC2830) (Status: PROPOSED STANDARD)
+
+3394 Advanced Encryption Standard (AES) Key Wrap Algorithm. J. Schaad,
+     R. Housley. September 2002. (Format: TXT=73072 bytes) (Status:
+     INFORMATIONAL)
+
+3436 Transport Layer Security over Stream Control Transmission
+     Protocol. A. Jungmaier, E. Rescorla, M. Tuexen. December 2002.
+     (Format: TXT=16333 bytes) (Status: PROPOSED STANDARD)
+
   "Securing FTP with TLS", 01/27/2000, <draft-murray-auth-ftp-ssl-05.txt>  
  
 
@@ -124,7 +254,3 @@ To be implemented:
 These are documents that describe things that are planed to be
 implemented in the hopefully short future.
 
-2712 Addition of Kerberos Cipher Suites to Transport Layer Security
-     (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes)
-     (Status: PROPOSED STANDARD)
-

ssl/Makefile.ssl

@@ -17,7 +17,6 @@ MAKEFILE=	Makefile.ssl
 AR=		ar r
 # KRB5 stuff
 KRB5_INCLUDES=
-LIBKRB5=
 
 CFLAGS= $(INCLUDES) $(CFLAG)
 

ssl/kssl.c

@@ -1961,7 +1961,7 @@ krb5_error_code  kssl_check_authent(
 	const EVP_CIPHER	*enc = NULL;
 	unsigned char		iv[EVP_MAX_IV_LENGTH];
 	unsigned char		*p, *unenc_authent;
-	int 			padl, outl, unencbufsize;
+	int 			outl, unencbufsize;
 	struct tm		tm_time, *tm_l, *tm_g;
 	time_t			now, tl, tg, tr, tz_offset;
 
@@ -2029,44 +2029,23 @@ krb5_error_code  kssl_check_authent(
 		*/
 		goto err;
 		}
-	if (!EVP_DecryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv))
-		{
-		kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-			"EVP_DecryptInit_ex error decrypting authenticator.\n");
-		krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
-		goto err;
-		}
-	if (!EVP_DecryptUpdate(&ciph_ctx, unenc_authent, &outl,
-			dec_authent->cipher->data, dec_authent->cipher->length))
-		{
-		kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-			"EVP_DecryptUpdate error decrypting authenticator.\n");
-		krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
-		goto err;
-		}
-	if (outl > unencbufsize)
-		{
-		kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                        "Buffer overflow decrypting authenticator.\n");
-		krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
-		goto err;
-		}
-	if (!EVP_DecryptFinal_ex(&ciph_ctx, &(unenc_authent[outl]), &padl))
-		{
-		kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-			"EVP_DecryptFinal_ex error decrypting authenticator.\n");
-		krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
-		goto err;
-		}
-	outl += padl;
-	if (outl > unencbufsize)
-		{
-		kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                        "Buffer overflow decrypting authenticator.\n");
-		krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
-		goto err;
-		}
-	EVP_CIPHER_CTX_cleanup(&ciph_ctx);
+
+        if (!EVP_CipherInit(&ciph_ctx,enc,kssl_ctx->key,iv,0))
+                {
+                kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+                        "EVP_CipherInit error decrypting authenticator.\n");
+                krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+                goto err;
+                }
+        outl = dec_authent->cipher->length;
+        if (!EVP_Cipher(&ciph_ctx,unenc_authent,dec_authent->cipher->data,outl))
+                {
+                kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+                        "EVP_Cipher error decrypting authenticator.\n");
+                krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+                goto err;
+                }
+        EVP_CIPHER_CTX_cleanup(&ciph_ctx);
 
 #ifdef KSSL_DEBUG
 	printf("kssl_check_authent: decrypted authenticator[%d] =\n", outl);
@@ -2115,6 +2094,7 @@ krb5_error_code  kssl_check_authent(
 	if (auth)		KRB5_AUTHENT_free((KRB5_AUTHENT *) auth);
 	if (dec_authent)	KRB5_ENCDATA_free(dec_authent);
 	if (unenc_authent)	free(unenc_authent);
+	EVP_CIPHER_CTX_cleanup(&ciph_ctx);
 	return krb5rc;
 	}
 

ssl/s23_clnt.c

@@ -105,7 +105,7 @@ SSL_METHOD *SSLv23_client_method(void)
 
 int ssl23_connect(SSL *s)
 	{
-	BUF_MEM *buf;
+	BUF_MEM *buf=NULL;
 	unsigned long Time=time(NULL);
 	void (*cb)(const SSL *ssl,int type,int val)=NULL;
 	int ret= -1;
@@ -159,6 +159,7 @@ int ssl23_connect(SSL *s)
 					goto end;
 					}
 				s->init_buf=buf;
+				buf=NULL;
 				}
 
 			if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
@@ -207,6 +208,8 @@ int ssl23_connect(SSL *s)
 		}
 end:
 	s->in_handshake--;
+	if (buf != NULL)
+		BUF_MEM_free(buf);
 	if (cb != NULL)
 		cb(s,SSL_CB_CONNECT_EXIT,ret);
 	return(ret);

ssl/s2_clnt.c

@@ -208,10 +208,13 @@ int ssl2_connect(SSL *s)
 			if (!BUF_MEM_grow(buf,
 				SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
 				{
+				if (buf == s->init_buf)
+					buf=NULL;
 				ret= -1;
 				goto end;
 				}
 			s->init_buf=buf;
+			buf=NULL;
 			s->init_num=0;
 			s->state=SSL2_ST_SEND_CLIENT_HELLO_A;
 			s->ctx->stats.sess_connect++;
@@ -338,6 +341,8 @@ int ssl2_connect(SSL *s)
 		}
 end:
 	s->in_handshake--;
+	if (buf != NULL)
+		BUF_MEM_free(buf);
 	if (cb != NULL) 
 		cb(s,SSL_CB_CONNECT_EXIT,ret);
 	return(ret);
@@ -1009,7 +1014,7 @@ static int get_server_finished(SSL *s)
 		 * or bad things can happen */
 		/* ZZZZZZZZZZZZZ */
 		s->session->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
-		memcpy(s->session->session_id,p,SSL2_SSL_SESSION_ID_LENGTH);
+		memcpy(s->session->session_id,p+1,SSL2_SSL_SESSION_ID_LENGTH);
 		}
 	else
 		{

ssl/s3_clnt.c

@@ -164,7 +164,7 @@ SSL_METHOD *SSLv3_client_method(void)
 
 int ssl3_connect(SSL *s)
 	{
-	BUF_MEM *buf;
+	BUF_MEM *buf=NULL;
 	unsigned long Time=time(NULL),l;
 	long num1;
 	void (*cb)(const SSL *ssl,int type,int val)=NULL;
@@ -225,6 +225,7 @@ int ssl3_connect(SSL *s)
 					goto end;
 					}
 				s->init_buf=buf;
+				buf=NULL;
 				}
 
 			if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
@@ -503,6 +504,8 @@ int ssl3_connect(SSL *s)
 		}
 end:
 	s->in_handshake--;
+	if (buf != NULL)
+		BUF_MEM_free(buf);
 	if (cb != NULL)
 		cb(s,SSL_CB_CONNECT_EXIT,ret);
 	return(ret);

ssl/ssltest.c

@@ -111,9 +111,6 @@
 
 #define _BSD_SOURCE 1		/* Or gethostname won't be declared properly
 				   on Linux and GNU platforms. */
-#define _XOPEN_SOURCE_EXTENDED	1 /* Or gethostname won't be declared properly
-				   on Compaq platforms (at least with DEC C).
-				*/
 
 #include <assert.h>
 #include <errno.h>
@@ -134,6 +131,13 @@
 #include <openssl/engine.h>
 #include <openssl/err.h>
 #include <openssl/rand.h>
+
+#define _XOPEN_SOURCE_EXTENDED	1 /* Or gethostname won't be declared properly
+				     on Compaq platforms (at least with DEC C).
+				     Do not try to put it earlier, or IPv6 includes
+				     get screwed...
+				  */
+
 #ifdef OPENSSL_SYS_WINDOWS
 #include <winsock.h>
 #include "../crypto/bio/bss_file.c"

test/Makefile.ssl

@@ -120,7 +120,7 @@ apps:
 
 SET_SO_PATHS=LIBPATH="`cd ..; pwd`"; LD_LIBRARY_PATH="$$LIBPATH"; DYLD_LIBRARY_PATH="$$LIBPATH"; SHLIB_PATH="$$LIBPATH"; \
 		if [ "$(PLATFORM)" = "DJGPP" ]; then PATH="$$LIBPATH\;$$PATH";  \
-		elif [ "$(PLATFORM)" != "Cygwin" ];  then PATH="$$LIBPATH:$$PATH"; fi; \
+		elif [ "$(PLATFORM)" = "Cygwin" ]; then PATH="$${LIBPATH}:$$PATH"; fi; \
 		export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH
 
 alltests: \

tools/Makefile.ssl

@@ -35,7 +35,7 @@ install:
 	do  \
 	(cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
 	chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
-	mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/misc/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/misc/$$i ); \
+	mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
 	done;
 
 files: